CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2009-4205

Directory traversal vulnerability in admin.php in Flashlight Free Edition allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the action parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.008

EPSS Ranking 73.7%

CVSS Severity

CVSS v2 Score 7.5

References

http://www.exploit-db.com/exploits/8856
https://exchange.xforce.ibmcloud.com/vulnerabilities/50907
http://www.exploit-db.com/exploits/8856
https://exchange.xforce.ibmcloud.com/vulnerabilities/50907

Products affected by CVE-2009-4205

Ringsworld » Flashlight Free Edition » Version: Any

cpe:2.3:a:ringsworld:flashlight_free_edition:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-4205

Products

Pricing

Contact Us